Julien Delange • Wednesday, October 26, 2022
Python: do not use empty array as function parameters
Using empty array as a default parameter value leads to unexpected results as parameters are evaluated only once.
Read more • 4 min. read
Codiga Blog
Write better code, faster.
Julien Delange • Tuesday, October 25, 2022
Python: random is not so random (CWE-330)
The random module does not produce too random values and should be often replaced by the secrets module.
Read more • 4 min. read
Julien Delange • Sunday, October 23, 2022
How Codiga migrated from Intel to Graviton in AWS
Migrating from an Intel architecture to Graviton in AWS brings some cost benefits. We explained how we migrated all our infrastructure.
Read more • 9 min. read
Ivan Homola • Friday, October 21, 2022
How to display code snippets in HTML?
Looking for a way to display code snippets in HTML and want to showcase your code on your blog? Check out this quick tutorial with examples.
Read more • 8 min. read
Julien Delange • Thursday, October 20, 2022
Present SQL injection in Python (CWE-89)
SQL Injections is one of the most common vulnerability. Prevent SQL injections with code analysis in your IDE.
Read more • 5 min. read
Julien Delange • Wednesday, October 19, 2022
Python Jinja2: always autoescape to avoid XSS attacks
Not using autoescape in jinja2 makes your vulnerable to XSS attacks. Always use autoescape=True in your Jinja2 environment
Read more • 4 min. read
Julien Delange • Tuesday, October 18, 2022
Unsafe Deserialization in Python (CWE-502)
Unsafe deserialization can cause an attack and compromise your system. You need to check your Python code to make sure you avoid them.
Read more • 5 min. read
Julien Delange • Monday, October 17, 2022
SSL module in Python: stay secure!
The Python SSL module gives a false sense of security and must be used carefully.
Read more • 4 min. read